1
00:00:00,740 --> 00:00:07,880
So in this section, I will show you the techniques used to crack Wi-Fi network passwords with WPA, WPA2

2
00:00:07,880 --> 00:00:15,380
protocol. In the Wi-Fi network interaction section, we learned some background to better understand

3
00:00:15,380 --> 00:00:21,320
what data is might need to review it or you can continue.

4
00:00:23,020 --> 00:00:29,320
But just to refresh your memory, there's an important difference between cracking WPA and WPA2 and

5
00:00:29,320 --> 00:00:29,770
WEP.

6
00:00:31,400 --> 00:00:37,300
Now, this is the approach used to crack the WPA and the WPA2 pre-shared key.

7
00:00:38,210 --> 00:00:44,330
So unlike WEP, where statistical methods can be used to speed up the cracking process, only plain

8
00:00:44,330 --> 00:00:51,430
brute force techniques can be used against WPA and WPA2, because the key is not static.

9
00:00:52,310 --> 00:00:57,710
So collecting initialization vectors like when you're cracking WEP encryption is not going to speed

10
00:00:57,710 --> 00:00:58,490
up the attack.

11
00:00:59,700 --> 00:01:05,970
The only thing that does give information to start an attack is the handshake between client and AP.

12
00:01:07,290 --> 00:01:14,790
There isn't really a difference between cracking WPA or WPA2 networks; the authentication methodology

13
00:01:14,790 --> 00:01:16,220
is basically the same between them.

14
00:01:16,560 --> 00:01:20,630
So the techniques are, well, I'd say identical.

15
00:01:21,480 --> 00:01:27,040
So it's important to use a brute force attack approach during an attack because cracking the WPA2

16
00:01:27,060 --> 00:01:31,470
encryption algorithm is very computationally intensive.

17
00:01:32,910 --> 00:01:40,370
A computer can test maybe 50 to 300 possible keys per second, depending on the computer's CPU.

18
00:01:41,250 --> 00:01:48,840
So this process can take days or sometimes hours. Don't want to discourage you, but you will need a

19
00:01:48,840 --> 00:01:55,710
wordlist that will cover all permutations and combinations of characters and special symbols.

20
00:01:56,400 --> 00:01:59,250
So a wordlist, or a password dictionary,

21
00:02:00,090 --> 00:02:02,800
is a collection of passwords stored in plain text.

22
00:02:03,600 --> 00:02:06,120
It's basically a text file with a bunch of passwords in it.

23
00:02:07,170 --> 00:02:14,730
One of the most important points before starting the attacks is password lists that you will use during

24
00:02:14,730 --> 00:02:15,390
key breaking.

25
00:02:16,250 --> 00:02:22,190
It's very important to have a strong list in order to minimize the amount of time that you're going

26
00:02:22,190 --> 00:02:23,060
to spend cracking.

27
00:02:24,060 --> 00:02:30,930
Therefore, besides the word lists you can find all over the Internet, there are some built-in word

28
00:02:30,930 --> 00:02:32,160
lists in Kali.

29
00:02:34,220 --> 00:02:37,200
But first, let's take a look at some of the word lists on the Internet.

30
00:02:37,430 --> 00:02:42,590
So go to Kali, open the browser and search password word lists.

31
00:02:45,530 --> 00:02:47,510
So let's click on this GitHub page.

32
00:02:48,450 --> 00:02:55,050
So this repository is commonly used for password cracking. It includes a number of very popular lists,

33
00:02:55,410 --> 00:02:57,530
including the RockYou lists.

34
00:02:57,540 --> 00:02:58,680
I don't know if you've heard of those.

35
00:02:59,430 --> 00:03:00,840
So we'll take a quick look now.

36
00:03:03,090 --> 00:03:06,750
So here's a folder that includes the Wi-Fi passwords.

37
00:03:07,700 --> 00:03:08,840
Let's open it and.

38
00:03:10,830 --> 00:03:16,800
There are the top passwords in these lists, so you can choose whatever you want according to the password,

39
00:03:16,800 --> 00:03:17,160
no.

40
00:03:18,200 --> 00:03:19,460
Let's open one of them.

41
00:03:20,720 --> 00:03:27,440
OK, so as you can see, it contains simple passwords as well as the most used ones, but there are

42
00:03:27,440 --> 00:03:29,600
also some complex passwords.

43
00:03:31,450 --> 00:03:34,450
So let's look at some of the other password lists on Google.

44
00:03:36,430 --> 00:03:38,090
Yeah, let's have a look at this Web site.

45
00:03:38,930 --> 00:03:43,360
Now, there are word lists with the rate and size information here.

46
00:03:47,510 --> 00:03:48,230
So let's go back.

47
00:03:49,510 --> 00:03:54,730
There's another popular Web site that includes password dictionaries and leaked passwords.

48
00:03:56,770 --> 00:03:59,020
Ed Scull in the search bar.

49
00:04:00,100 --> 00:04:02,110
And we'll click on the first website.

50
00:04:03,900 --> 00:04:07,170
So you can also download these popular password dictionaries from here.

51
00:04:08,780 --> 00:04:18,710
Now, these passwords were all collected from leaked or stolen repositories from different websites.

52
00:04:20,500 --> 00:04:23,050
OK, so you can select whatever list you want.

53
00:04:24,280 --> 00:04:31,030
I'll download Daniel Miessler's list because we looked at that first, but also I know what's in there.

54
00:04:32,330 --> 00:04:34,220
So we'll go back to the GitHub page.

55
00:04:37,240 --> 00:04:40,450
Click on the SecLists and copy the link.

56
00:04:43,910 --> 00:04:47,900
Open the terminal screen and we'll clone the repository.

57
00:05:01,030 --> 00:05:07,750
All right, so now we have taken our most important weapon, we can start these attacks.